CyberStrike

Name: CyberStrike
Author: CyberStrikeus

Verified

AI-powered offensive security agent with 7,300+ actionable security skills. Autonomous pentesting powered by MITRE ATT&CK (2,000+ Atomic tests), CIS Benchmarks (1,500+ controls), OWASP, NIST. Lazy-loading, zero context pollution. Your AI red team.

575stars

95forks

TypeScript

Installation

# Add to your Claude Code skills
git clone https://github.com/CyberStrikeus/CyberStrike

Getting Started

Guides for using ai agents skills like CyberStrike.

Caveman: Cut Claude Token Use by 65%
How agent-side prompt compression works, when to use it, and when not to.
What is an AI Skills Marketplace?
Definitions, how marketplaces work, and how to choose between them in 2026.
Getting Started with AI Skills

Security ReportVerified

Last scanned: 5/30/2026

{
  "issues": [],
  "status": "PASSED",
  "scannedAt": "2026-05-30T15:06:22.697Z",
  "npmAuditRan": false,
  "pipAuditRan": true
}

README.md

Frequently Asked Questions

What is CyberStrike?

CyberStrike is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by CyberStrikeus. AI-powered offensive security agent with 7,300+ actionable security skills. Autonomous pentesting powered by MITRE ATT&CK (2,000+ Atomic tests), CIS Benchmarks (1,500+ controls), OWASP, NIST. Lazy-loading, zero context pollution. Your AI red team. It has 575 GitHub stars.

Is CyberStrike safe to use?

Yes. CyberStrike passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.

How do I install CyberStrike?

Clone the repository with "git clone https://github.com/CyberStrikeus/CyberStrike" and add it to your Claude Code skills directory (see the Installation section above).

What programming language is CyberStrike written in?

CyberStrike is primarily written in TypeScript. It is open-source under CyberStrikeus on GitHub, so you can review or fork the full source.

Are there alternatives to CyberStrike?

Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh CyberStrike against similar tools.

Agentic AI for Beginners

Build your first AI agent from scratch - tool use, ReAct pattern, memory, deployment

41 minBeginner

Comments (0)

to leave a comment.

No comments yet. Be the first to share your thoughts!

Related Skills

ECC

by affaan-m

The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.

218,961

boss-skill agent-apprenticeship

Quick Start

npm i -g @cyberstrike-io/cyberstrike@latest && cyberstrike

That's it. CyberStrike launches a TUI in your terminal, asks for your LLM provider and API key on first run, and you're ready to go. Tell it what to test — it handles reconnaissance, vulnerability discovery, exploitation, and reporting autonomously.

Already have a Claude Code or OpenAI subscription? CyberStrike's intelligence layer sits on top of your existing AI subscription. No separate API costs — your current plan powers an entire pentest toolkit.

Explore the full documentation at docs.cyberstrike.io or visit cyberstrike.io for demos and guides.

Intelligence Layer

CyberStrike isn't just a wrapper around an LLM. It's an intelligence layer that transforms any AI model into an offensive security specialist.

How it works: When you connect your LLM provider, CyberStrike injects domain-specific context — OWASP testing methodology, vulnerability patterns, attack chain reasoning, and tool orchestration logic — into every interaction. The model doesn't need to know security; CyberStrike teaches it.

What the intelligence layer provides:

Schema normalization — Structured output from any provider, regardless of response format differences
Context guard — Prevents prompt leakage and keeps the agent focused on the current test phase
Provider auto-detection — Automatically identifies your LLM endpoint and configures the optimal transport
Tool orchestration — Chains security tools intelligently based on findings, not fixed scripts

15+ LLM providers supported out of the box:

Provider	Models	Notes
Anthropic	Claude 4.5, Claude 4	Best performance with extended thinking
OpenAI	GPT-4.1, o3, o4-mini	Full tool-use support
Google	Gemini 2.5 Pro/Flash	Long context for large codebases
Amazon Bedrock	All Bedrock models	IAM auth, no API keys needed
Azure OpenAI	All Azure-hosted models	Enterprise deployments
Groq	LLaMA, Mixtral	Ultra-fast inference
Mistral	Mistral Large, Codestral	European data residency
DeepSeek	DeepSeek V3, R1	Cost-effective alternative
OpenRouter	100+ models	Single API, any model
Together AI	Open-source models	Fine-tuning support
Ollama	Any GGUF model	Fully offline, local-only
LM Studio	Any local model	Desktop GUI + API server
vLLM	Any HuggingFace model	Self-hosted, GPU-optimized
Any OpenAI-compatible	—	Custom endpoints welcome

Air-gapped environments? Run CyberStrike entirely offline with Ollama or LM Studio. No data leaves your machine — ever.

What Makes It Different

Specialized Security Agents, Not Generic Chat

CyberStrike ships with 13+ agents purpose-built for security domains. Each agent carries domain-specific methodology, tool knowledge, and testing patterns. The web-application agent follows OWASP WSTG. The cloud-security agent knows CIS benchmarks. The mobile agent uses Frida and follows MASTG/MASVS. They don't guess — they follow proven offensive security frameworks.

Intelligence Layer, Not Just an LLM Wrapper

Most AI security tools are thin wrappers that send your prompt to an API. CyberStrike's intelligence layer normalizes outputs across 15+ providers, guards context between test phases, auto-detects your provider configuration, and orchestrates multi-step attack chains. The result: consistent, methodology-driven pentesting regardless of which model you use.

Any LLM, Zero Lock-in

Anthropic, OpenAI, Google, Amazon Bedrock, Azure, Groq, Mistral, DeepSeek, OpenRouter, Together AI — or run fully offline with Ollama and LM Studio. You choose the model. You own the results. As AI models get better and cheaper, CyberStrike gets better with them. Switch providers in seconds without reconfiguring anything.

Remote Tool Execution with Bolt

Your security tools don't have to run on your laptop. Deploy Bolt on one or many remote servers, pair with Ed25519 keys, and control everything from your local terminal. One CyberStrike instance can orchestrate dozens of Bolt servers — each with its own toolkit, network position, and attack surface access.

Agents

Switch between agents with Tab. Each one is a domain specialist.

Agent	Focus	What It Does
cyberstrike	General	Full-access primary agent — reconnaissance, exploitation, reporting
web-application	Web	OWASP Top 10, WSTG methodology, API security, session testing
mobile-application	Mobile	Android/iOS, Frida/Objection, MASTG/MASVS compliance
cloud-security	Cloud	AWS, Azure, GCP — IAM misconfigs, CIS benchmarks, exposed resources
internal-network	Network	Active Directory, Kerberos attacks, lateral movement, pivoting

Plus 8 specialized proxy testers that run automatically on intercepted traffic:

Tester	What It Tests
IDOR	Object-level access control — can user A reach user B's resources?
Authorization Bypass	Vertical privilege escalation — can low-privilege users hit admin endpoints?
Mass Assignment	Unexpected writable fields — role, price, balance, userId in request bodies
Injection	SQL, command, LDAP, template injection across all input vectors
Authentication	Token validation, session fixation, credential exposure
Business Logic	Price manipulation, coupon reuse, race conditions, workflow bypass